> ## Documentation Index
> Fetch the complete documentation index at: https://docs-dev-docs-event-stream-action-templates.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Token

> Request an access token using the Client Credentials Flow for machine-to-machine authentication.

export const ResponseSchema = ({statusCode, type = "{}", children}) => {
  const [open, setOpen] = useState(false);
  return <div className="border border-gray-100 dark:border-gray-800 rounded-lg mb-3 overflow-hidden">
      <div className={`flex items-center gap-2.5 px-4 py-2.5 cursor-pointer select-none ${open ? "bg-gray-50 dark:bg-gray-800" : ""}`} onClick={() => setOpen(!open)}>
        {statusCode && <span className="border border-gray-300 dark:border-gray-600 text-gray-700 dark:text-gray-300 font-mono text-xs px-1.5 py-0.5 rounded">
            {statusCode.startsWith("default") ? "default" : statusCode}
          </span>}
        <span className="text-gray-500 dark:text-gray-400 text-sm font-mono">
          {type}
        </span>
        <span className="text-gray-400 dark:text-gray-500 text-sm italic">
          application/json
        </span>
        <svg className={`ml-auto opacity-50 transition-transform duration-200 ${open ? "rotate-180" : ""}`} width="16" height="16" viewBox="0 0 16 16" fill="none">
          <path d="M4 6l4 4 4-4" stroke="currentColor" strokeWidth="1.5" strokeLinecap="round" strokeLinejoin="round" />
        </svg>
      </div>
      {open && <div className="px-4 pt-1 pb-3 border-t border-gray-100 dark:border-gray-800">
          {children}
        </div>}
    </div>;
};

## Endpoint

`POST /oauth/token`

This is the OAuth 2.0 grant that server processes use to access an API. Use this endpoint to directly request an access token by using the application's credentials (a Client ID and a Client Secret).

### Responses

#### 200

A successful response will return an access token.

```json theme={null}
{
  "access_token":"eyJz93a...k4laUWw",
  "token_type":"Bearer",
  "expires_in":86400
}
```

### Learn More

* [Client Credentials Flow](https://auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow)
* [Call API using the Client Credentials Flow](https://auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow/call-your-api-using-the-client-credentials-flow)
* [Setting up a Client Grant using the Management Dashboard](https://auth0.com/docs/get-started/applications/update-grant-types)
* [Asking for Access Tokens for a Client Credentials Grant](https://auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow/call-your-api-using-the-client-credentials-flow)

## Headers

<ParamField header="DPoP" type="string">
  A DPoP proof for the request. This is optional and only required if your application uses Demonstrating Proof-of-Possession.
</ParamField>

## Body Parameters

<ParamField body="grant_type" type="string" required>
  Denotes the flow you are using. For Client Credentials use `client_credentials`.

  Allowed values: `client_credentials`
</ParamField>

<ParamField body="client_id" type="string" required>
  Your application's Client ID.
</ParamField>

<ParamField body="client_secret" type="string" required>
  Your application's Client Secret.
</ParamField>

<ParamField body="audience" type="string" required>
  The unique identifier of the target API you want to access.
</ParamField>

<ParamField body="resource" type="string">
  The identifier of the target API (resource server) you want to access. Must match an API Identifier registered in your Auth0 tenant. Used as an alternative to `audience` when the tenant's [Resource Parameter Compatibility Profile](https://auth0.com/docs/get-started/tenant-settings#settings-advanced) is set to `compatibility`.
</ParamField>

<ParamField body="organization" type="string">
  \[Recommended]The organization or identifier with which you want the request to be associated. To learn more, read [Machine-to-Machine Access for Organizations](https://auth0.com/docs/manage-users/organizations/organizations-for-m2m-applications).
</ParamField>

## Response Schema

<ResponseSchema>
  <ResponseField name="access_token" type="string">
    The access token.
  </ResponseField>

  <ResponseField name="token_type" type="string">
    The type of token. Usually `Bearer`.
  </ResponseField>

  <ResponseField name="expires_in" type="integer">
    The access token lifetime in seconds.
  </ResponseField>
</ResponseSchema>

## Response Messages

| Status | Description         |
| ------ | ------------------- |
| 200    | Successful response |